LISTING OF THE CLAIMS

This listing of claims will replace all prior versions, and listings, of claims in the application: 

1. (Previously Presented) A method for revocation of a signature certificate in a Public Key
Infrastructure (PKI) comprising: 

creating an authenticated secure channel with a registration web server; 
requesting the registration web server revoke a user signature certificate, the requesting 
occurring over the authenticated secure channel; 
revoking the user signature certificate; 

notifying a directory by the registration web server of revocation of the user signature 
certificate; 

setting a user entry in the directory to a state without a signature certificate; and 
notifying a personal revocation authority that a user has lost a user signature certificate, the 
notifying occurring before the creating. 

2. (Original) The method according to claim 1, further comprising generating a directory password 
for the user during creation of the user signature certificate. 

Claims 3-8 (Canceled) 

9. (Previously Presented) The method according to claim 1, wherein the creating and requesting are 
initiated by the personal registration authority. 

10. (Original) The method according to claim 9, further comprising requesting a personal registration 
authority's signature certificate to authenticate the personal registration authority before the creating. 

11. (Original) The method according to claim 10, wherein the personal registration authority is a 
supervisor of the user. 

12. (Original) The method according to claim 10, further comprising querying the directory after the 
requesting the registration web server revoke the user signature certificate to determine if the 
personal registration authority is permitted to revoke the user signature certificate.

13. (Original) The method according to claim 12, further comprising revoking the user signature
certificate by the registration web server only if the personal registration authority is permitted to 
revoke the user signature certificate. 

14. (Original) The method according to claim 13, further comprising generating a directory password 
for the user during creation of the user signature certificate. 

15. (Original) The method according to claim 14, further comprising sending the user one of a 
password and a personal identification number (PIN) by the registration web server after the setting
of the user entry. 

16. (Original) The method according to claim 15, further comprising requesting a new signature 
certificate by the user using the directory password and one of the password and the PIN. 

17. (Original) The method according to claim 1, wherein the revoking is performed by the 
registration web server. 

18. (Previously Presented) A server comprising a storage medium having instructions stored therein, 
the instructions when executed causing a processing device to perform: 

creating an authenticated secure channel between the server and a personal registration
authority;
receiving a request from the personal revocation authority to revoke a user signature
certificate;
revoking the user signature certificate; and
notifying a directory of revocation of the user signature certificate.

19. (Previously Presented) The server according to claim 18, further comprising verifying the 
personal registration authority is permitted to revoke the user signature certificate. 

20. (Previously Presented) The server according to claim 19, further comprising revoking the user 
signature certificate only if the personal registration authority is permitted to revoke the user 
signature certificate. 



21. (Canceled)

22. (Canceled)

23. (Previously Presented) A system for revocation of a signature certificate in a Public Key 
Infrastructure (PKI) comprising: 

at least one server operably connected to a network; 

a directory operably connected to the network, the directory containing information on at least 
one user; 

at least one client platform operably connected to the network, the at least one user having 
access to the at least one server from the at least one client platform; and 

a registration web server operably connected to the network, the registration web server 
receiving a request for revocation of a user signature certificate from a personal revocation authority, 
the registration web server revoking the user signature certificate only if the personal revocation 
authority is permitted to revoke the user signature certificate, the registration web server notifying the 
directory of revocation of the user signature certificate if revoked. 

24. (Original) The system according to claim 23, wherein the information on at least one user 
includes a user entry related to the user signature certificate, the directory setting the user entry in the 
directory to a state without a signature certificate if the user signature certificate is revoked. 

25. (Previously Presented) The system according to claim 23, further comprising an authenticated 
secure channel between the personal registration authority and the registration web server, the 
requesting occurring over the authenticated secure channel. 

26. (Canceled) 

27. (Canceled) 

28. (Currently Amended) The system according to claim 23, wherein the personal registration 
authority is a supervisor of the at least one user. 
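
The revocation flow recited in claims 1, 12, 13 and 24, modeled as an added Python example that is not part of the application. Class and method names are hypothetical, the channel's authenticated peer identity stands in for the authority's signature certificate, and all sample data is constructed.

```python
from dataclasses import dataclass, field


@dataclass
class Directory:
    entries: dict = field(default_factory=dict)   # user -> certificate serial or None
    revokers: dict = field(default_factory=dict)  # user -> authorities allowed to revoke

    def may_revoke(self, authority, user):
        # Query made after the request arrives (claim 12).
        return authority in self.revokers.get(user, set())

    def clear_certificate(self, user):
        # User entry set to a state without a signature certificate (claims 1, 24).
        self.entries[user] = None


@dataclass
class RegistrationWebServer:
    directory: Directory
    revoked: set = field(default_factory=set)  # stand-in for the CA's revocation record

    def revoke(self, channel_peer, user):
        """channel_peer is the identity authenticated on the secure channel, or None."""
        if channel_peer is None:
            return "rejected: unauthenticated channel"
        # Authorization is checked before anything about the user's entry is disclosed.
        if not self.directory.may_revoke(channel_peer, user):
            return "rejected: authority not permitted"
        serial = self.directory.entries.get(user)
        if serial is None:
            return "rejected: no signature certificate on file"
        self.revoked.add(serial)                # revoke only if permitted (claim 13)
        self.directory.clear_certificate(user)  # notify the directory of the revocation
        return "revoked"


def demo():
    # Constructed sample data: one user, one permitted authority (the supervisor).
    directory = Directory(entries={"alice": "SERIAL-0001"},
                          revokers={"alice": {"supervisor-bob"}})
    server = RegistrationWebServer(directory)
    results = [
        server.revoke(None, "alice"),              # no authenticated channel
        server.revoke("peer-carol", "alice"),      # authenticated but not permitted
        server.revoke("supervisor-bob", "alice"),  # permitted authority
        server.revoke("supervisor-bob", "alice"),  # repeat request after revocation
    ]
    return results, directory.entries["alice"], server.revoked
```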



